From 6d65ba0ff7ad17abc112843c0ddbf53d2c8dba15 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 29 Nov 2023 12:19:21 +0000 Subject: [PATCH 01/14] feat: deploy terraforms --- .circleci/config.yml | 36 +++++++++++- build-system/scripts/deploy | 2 +- build-system/scripts/deploy_dockerhub | 29 +++++++--- build-system/scripts/deploy_terraform | 3 + build-system/scripts/ensure_terraform | 2 +- build-system/scripts/should_deploy | 12 ++-- iac/mainnet-fork/terraform/main.tf | 27 +++++---- iac/mainnet-fork/terraform/variables.tf | 6 +- l1-contracts/.gitignore | 5 +- l1-contracts/Dockerfile | 2 +- l1-contracts/scripts/ci_deploy_contracts.sh | 28 +++++++++ l1-contracts/scripts/deploy_contracts.sh | 54 ++++++++++++++++++ l1-contracts/terraform/main.tf | 57 +++++++++++++++++++ yarn-project/aztec-faucet/terraform/main.tf | 2 +- .../aztec-faucet/terraform/variables.tf | 2 +- yarn-project/aztec-node/terraform/main.tf | 40 +++++++++---- .../aztec-node/terraform/variables.tf | 29 ++++++---- yarn-project/ethereum/src/testnet.ts | 6 +- yarn-project/p2p-bootstrap/terraform/main.tf | 6 +- .../p2p-bootstrap/terraform/variables.tf | 12 ++-- 20 files changed, 296 insertions(+), 64 deletions(-) create mode 100644 l1-contracts/scripts/ci_deploy_contracts.sh create mode 100644 l1-contracts/scripts/deploy_contracts.sh create mode 100644 l1-contracts/terraform/main.tf diff --git a/.circleci/config.yml b/.circleci/config.yml index fc0c098126e..b3387647133 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -926,7 +926,19 @@ jobs: name: "Deploy mainnet fork" command: | should_deploy || exit 0 - deploy_ecr mainnet-fork + deploy mainnet-fork + + deploy-contracts: + machine: + image: ubuntu-2204:2023.07.2 + resource_class: medium + steps: + - *checkout + - *setup_env + - run: + name: "Deploy L1 contracts to mainnet fork" + working_directory: l1-contracts + command: ./scripts/ci_deploy_contracts.sh deploy-npm: machine: @@ -955,6 +967,23 @@ jobs: deploy_dockerhub noir x86_64,arm64 deploy_dockerhub aztec-sandbox x86_64,arm64 deploy_dockerhub cli x86_64,arm64 + deploy_dockerhub faucet x86_64,arm64 + deploy_dockerhub mainnet-fork x86_64,arm64 + + deploy-devnet: + machine: + image: ubuntu-2204:2023.07.2 + resource_class: medium + steps: + - *checkout + - *setup_env + - run: + name: "Deploy devnet to AWS" + command: | + should_deploy || exit 0 + deploy p2p-bootstrap + deploy aztec-node + deploy aztec-faucet # Repeatable config for defining the workflow below. defaults: &defaults @@ -1177,3 +1206,8 @@ workflows: - deploy-dockerhub: *defaults_deploy - deploy-npm: *defaults_deploy - deploy-mainnet-fork: *defaults_deploy + - deploy-contracts: + requires: + - deploy-mainnet-fork + <<: *defaults_deploy + diff --git a/build-system/scripts/deploy b/build-system/scripts/deploy index 06410f5f031..08ef24ac2e8 100755 --- a/build-system/scripts/deploy +++ b/build-system/scripts/deploy @@ -19,7 +19,7 @@ if check_rebuild cache-$CONTENT_HASH-$DEPLOY_TAG-deployed $REPOSITORY; then exit 0 fi -deploy_terraform $REPOSITORY ./terraform/$DEPLOY_ENV "$TO_TAINT" +deploy_terraform $REPOSITORY ./terraform/ "$TO_TAINT" # Restart services. for SERVICE in $SERVICES; do diff --git a/build-system/scripts/deploy_dockerhub b/build-system/scripts/deploy_dockerhub index 4009f453d48..ac99bbe4f1a 100755 --- a/build-system/scripts/deploy_dockerhub +++ b/build-system/scripts/deploy_dockerhub @@ -20,7 +20,17 @@ function docker_or_dryrun { echo "Repo: $REPOSITORY" echo "Arch List: $ARCH_LIST" -VERSION_TAG=$(extract_tag_version $REPOSITORY true) +VERSION_TAG=$(extract_tag_version $REPOSITORY false) + +# if no version tag, check if we're on `master` branch +if [[ -z "$VERSION_TAG" ]]; then + if [[ "$BRANCH" != "master" ]]; then + echo "No version tag found. Exiting" >&2 + exit 1 + fi + # if we're on master, use the DEPLOY_TAG as the version tag + VERSION_TAG=$DEPLOY_TAG +fi MANIFEST_DEPLOY_URI=$DOCKERHUB_ACCOUNT/$REPOSITORY:$VERSION_TAG MANIFEST_DIST_URI=$DOCKERHUB_ACCOUNT/$REPOSITORY:$DIST_TAG @@ -42,12 +52,17 @@ for ARCH in $ARCH_LIST; do echo "Adding image $IMAGE_DEPLOY_URI to manifest list $MANIFEST_DEPLOY_URI..." docker_or_dryrun manifest create $MANIFEST_DEPLOY_URI --amend $IMAGE_DEPLOY_URI - echo "Adding image $IMAGE_DEPLOY_URI to manifest list $MANIFEST_DIST_URI" - docker_or_dryrun manifest create $MANIFEST_DIST_URI --amend $IMAGE_DEPLOY_URI + # Add latest manifest if we're making a release. + if [[ "$VERSION_TAG" != $DEPLOY_TAG ]]; then + echo "Adding image $IMAGE_DEPLOY_URI to manifest list $MANIFEST_DIST_URI" + docker_or_dryrun manifest create $MANIFEST_DIST_URI --amend $IMAGE_DEPLOY_URI + fi done -echo "Tagging $MANIFEST_DEPLOY_URI as $VERSION_TAG..." docker_or_dryrun manifest push --purge $MANIFEST_DEPLOY_URI -# Publish version as latest. -echo "Tagging $MANIFEST_DEPLOY_URI as $DIST_TAG..." -docker_or_dryrun manifest push --purge $MANIFEST_DIST_URI + +# Retag version as latest if we're making a release. +if [[ "$VERSION_TAG" != "$DEPLOY_TAG" ]]; then + echo "Tagging $MANIFEST_DEPLOY_URI as $DIST_TAG..." + docker_or_dryrun manifest push --purge $MANIFEST_DIST_URI +fi diff --git a/build-system/scripts/deploy_terraform b/build-system/scripts/deploy_terraform index 6d7f6ef81bb..01ad94b07ac 100755 --- a/build-system/scripts/deploy_terraform +++ b/build-system/scripts/deploy_terraform @@ -25,6 +25,9 @@ echo "Deploying terraform found at $PWD..." # Always want to export the DEPLOY_TAG variable to terraform. It's used to easily scope releases. export TF_VAR_DEPLOY_TAG=$DEPLOY_TAG export TF_VAR_COMMIT_HASH=$COMMIT_HASH +export TF_VAR_DOCKERHUB_ACCOUNT=$DOCKERHUB_ACCOUNT +export TF_VAR_FORK_MNEMONIC=$FORK_MNEMONIC +export TF_VAR_API_KEY=$INFURA_API_KEY # If given a repository name, use it to construct and set/override the backend key. # Otherwise use the key as specified in the terraform. diff --git a/build-system/scripts/ensure_terraform b/build-system/scripts/ensure_terraform index f2e33c5445d..d7444aa4e4c 100755 --- a/build-system/scripts/ensure_terraform +++ b/build-system/scripts/ensure_terraform @@ -6,7 +6,7 @@ set -eu [ ! -f /usr/local/bin/terraform ] || exit 0 cd $HOME -TERRAFORM_VERSION=0.13.3 +TERRAFORM_VERSION=1.5.2 curl -sSL https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip -o terraform.zip sudo apt install -y unzip unzip terraform.zip diff --git a/build-system/scripts/should_deploy b/build-system/scripts/should_deploy index aac1504ab33..820f145cc39 100755 --- a/build-system/scripts/should_deploy +++ b/build-system/scripts/should_deploy @@ -1,7 +1,11 @@ #!/bin/bash -# Retuns success if we are expected to do a deploy. -# At present this is only if we have a commit tag. -# Once we are doing master deployments to devnet, we'll want to check if BRANCH is master. +# Returns success if we are expected to do a deployment. +# This is if we have a commit tag (release) or if we're on `master` branch (devnet deployment). + set -eu -[ -n "$COMMIT_TAG" ] \ No newline at end of file +if [ -n "$COMMIT_TAG" ] || [ "$BRANCH" = "master" ]; then + exit 0 +else + exit 1 +fi diff --git a/iac/mainnet-fork/terraform/main.tf b/iac/mainnet-fork/terraform/main.tf index 8cec1f4a18b..b91282c9662 100644 --- a/iac/mainnet-fork/terraform/main.tf +++ b/iac/mainnet-fork/terraform/main.tf @@ -1,7 +1,6 @@ terraform { backend "s3" { bucket = "aztec-terraform" - key = "aztec-network/mainnet-fork" region = "eu-west-2" } required_providers { @@ -50,7 +49,7 @@ provider "aws" { } resource "aws_service_discovery_service" "aztec_mainnet_fork" { - name = "aztec-network-mainnet-fork" + name = "${var.DEPLOY_TAG}-mainnet-fork" health_check_custom_config { failure_threshold = 1 @@ -75,10 +74,10 @@ resource "aws_service_discovery_service" "aztec_mainnet_fork" { # EFS filesystem for mainnet fork resource "aws_efs_file_system" "aztec_mainnet_fork_data_store" { - creation_token = "aztec-network-mainnet-fork-data" + creation_token = "${var.DEPLOY_TAG}-mainnet-fork-data" tags = { - Name = "aztec-network-mainnet-fork-data" + Name = "${var.DEPLOY_TAG}-mainnet-fork-data" } lifecycle_policy { @@ -100,7 +99,7 @@ resource "aws_efs_mount_target" "aztec_fork_private_az2" { # Define deployment task and service resource "aws_ecs_task_definition" "aztec_mainnet_fork" { - family = "aztec-network-mainnet-fork" + family = "${var.DEPLOY_TAG}-mainnet-fork" requires_compatibilities = ["FARGATE"] network_mode = "awsvpc" cpu = "2048" @@ -117,8 +116,8 @@ resource "aws_ecs_task_definition" "aztec_mainnet_fork" { container_definitions = <serve/contract_addresses.json + +cat serve/contract_addresses.json + +echo "Contract addresses have been written to serve/contract_addresses.json" diff --git a/l1-contracts/terraform/main.tf b/l1-contracts/terraform/main.tf new file mode 100644 index 00000000000..89cb2c801e5 --- /dev/null +++ b/l1-contracts/terraform/main.tf @@ -0,0 +1,57 @@ +terraform { + backend "s3" { + bucket = "aztec-terraform" + region = "eu-west-2" + } + required_providers { + aws = { + source = "hashicorp/aws" + version = "3.74.2" + } + } +} + +variable "ROLLUP_CONTRACT_ADDRESS" { + type = string + default = "" +} + +output "rollup_contract_address" { + value = var.ROLLUP_CONTRACT_ADDRESS +} + +variable "REGISTRY_CONTRACT_ADDRESS" { + type = string + default = "" +} + +output "registry_contract_address" { + value = var.REGISTRY_CONTRACT_ADDRESS +} + +variable "INBOX_CONTRACT_ADDRESS" { + type = string + default = "" +} + +output "inbox_contract_address" { + value = var.INBOX_CONTRACT_ADDRESS +} + +variable "OUTBOX_CONTRACT_ADDRESS" { + type = string + default = "" +} + +output "outbox_contract_address" { + value = var.OUTBOX_CONTRACT_ADDRESS +} + +variable "CONTRACT_DEPLOYMENT_EMITTER_ADDRESS" { + type = string + default = "" +} + +output "contract_deployment_emitter_address" { + value = var.CONTRACT_DEPLOYMENT_EMITTER_ADDRESS +} diff --git a/yarn-project/aztec-faucet/terraform/main.tf b/yarn-project/aztec-faucet/terraform/main.tf index 8a1f901fd09..a21e72a5ea0 100644 --- a/yarn-project/aztec-faucet/terraform/main.tf +++ b/yarn-project/aztec-faucet/terraform/main.tf @@ -84,7 +84,7 @@ resource "aws_ecs_task_definition" "aztec-faucet" { [ { "name": "${var.DEPLOY_TAG}-aztec-faucet", - "image": "${var.ECR_URL}/aztec-faucet:aztec3-packages-prod", + "image": "${var.DOCKERHUB_ACCOUNT}/aztec-faucet:${var.DEPLOY_TAG}", "essential": true, "memoryReservation": 3776, "portMappings": [ diff --git a/yarn-project/aztec-faucet/terraform/variables.tf b/yarn-project/aztec-faucet/terraform/variables.tf index 6ce160819ba..c5e11b4bbde 100644 --- a/yarn-project/aztec-faucet/terraform/variables.tf +++ b/yarn-project/aztec-faucet/terraform/variables.tf @@ -22,6 +22,6 @@ variable "PRIVATE_KEY" { type = string } -variable "ECR_URL" { +variable "DOCKERHUB_ACCOUNT" { type = string } diff --git a/yarn-project/aztec-node/terraform/main.tf b/yarn-project/aztec-node/terraform/main.tf index 52b5c903e7c..cc6e295cc78 100644 --- a/yarn-project/aztec-node/terraform/main.tf +++ b/yarn-project/aztec-node/terraform/main.tf @@ -1,6 +1,6 @@ # Terraform to setup a prototype network of Aztec Nodes in AWS # It sets up 2 full nodes with different ports/keys etc. -# Some duplication across the 2 defined services, could possibly +# Some duplication across the 2 defined services, could possibly # be refactored to use modules as and when we build out infrastructure for real @@ -49,6 +49,14 @@ data "terraform_remote_state" "aztec-network_iac" { } } +data "terraform_remote_state" "l1_contracts" { + backend = "s3" + config = { + bucket = "aztec-terraform" + key = "${var.DEPLOY_TAG}/l1-contracts" + region = "eu-west-2" + } +} resource "aws_cloudwatch_log_group" "aztec-node-log-group-1" { name = "/fargate/service/${var.DEPLOY_TAG}/aztec-node-1" @@ -99,7 +107,7 @@ resource "aws_ecs_task_definition" "aztec-node-1" { [ { "name": "${var.DEPLOY_TAG}-aztec-node-1", - "image": "${var.ECR_URL}/aztec-node:aztec3-packages-prod", + "image": "${var.DOCKERHUB_ACCOUNT}/aztec-sandbox:${var.DEPLOY_TAG}", "essential": true, "memoryReservation": 3776, "portMappings": [ @@ -111,10 +119,18 @@ resource "aws_ecs_task_definition" "aztec-node-1" { } ], "environment": [ + { + "name": "MODE", + "value": "node" + }, { "name": "NODE_ENV", "value": "production" }, + { + "name": "DEPLOY_TAG", + "value": "${var.DEPLOY_TAG}" + }, { "name": "AZTEC_NODE_PORT", "value": "80" @@ -149,19 +165,19 @@ resource "aws_ecs_task_definition" "aztec-node-1" { }, { "name": "CONTRACT_DEPLOYMENT_EMITTER_ADDRESS", - "value": "${var.CONTRACT_DEPLOYMENT_EMITTER_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.contract_deployment_emitter_address}" }, { "name": "ROLLUP_CONTRACT_ADDRESS", - "value": "${var.ROLLUP_CONTRACT_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.rollup_contract_address}" }, { "name": "INBOX_CONTRACT_ADDRESS", - "value": "${var.INBOX_CONTRACT_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.inbox_contract_address}" }, { "name": "REGISTRY_CONTRACT_ADDRESS", - "value": "${var.REGISTRY_CONTRACT_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.registry_contract_address}" }, { "name": "API_KEY", @@ -189,7 +205,7 @@ resource "aws_ecs_task_definition" "aztec-node-1" { }, { "name": "BOOTSTRAP_NODES", - "value": "/dns4/aztec-dev-aztec-bootstrap-2.local/tcp/${var.BOOTNODE_2_LISTEN_PORT}/p2p/${var.BOOTNODE_2_PEER_ID},/dns4/aztec-dev-aztec-bootstrap-1.local/tcp/${var.BOOTNODE_1_LISTEN_PORT}/p2p/${var.BOOTNODE_1_PEER_ID}" + "value": "/dns4/${var.DEPLOY_TAG}-aztec-bootstrap-2.local/tcp/${var.BOOTNODE_2_LISTEN_PORT}/p2p/${var.BOOTNODE_2_PEER_ID},/dns4/${var.DEPLOY_TAG}-aztec-bootstrap-1.local/tcp/${var.BOOTNODE_1_LISTEN_PORT}/p2p/${var.BOOTNODE_1_PEER_ID}" }, { "name": "P2P_ENABLED", @@ -400,7 +416,7 @@ resource "aws_ecs_task_definition" "aztec-node-2" { [ { "name": "${var.DEPLOY_TAG}-aztec-node-2", - "image": "${var.ECR_URL}/aztec-node:aztec3-packages-prod", + "image": "${var.DOCKERHUB_ACCOUNT}/aztec-node:${var.DEPLOY_TAG}", "essential": true, "memoryReservation": 3776, "portMappings": [ @@ -450,19 +466,19 @@ resource "aws_ecs_task_definition" "aztec-node-2" { }, { "name": "CONTRACT_DEPLOYMENT_EMITTER_ADDRESS", - "value": "${var.CONTRACT_DEPLOYMENT_EMITTER_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.contract_deployment_emitter_address}" }, { "name": "ROLLUP_CONTRACT_ADDRESS", - "value": "${var.ROLLUP_CONTRACT_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.rollup_contract_address}" }, { "name": "INBOX_CONTRACT_ADDRESS", - "value": "${var.INBOX_CONTRACT_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.inbox_contract_address}" }, { "name": "REGISTRY_CONTRACT_ADDRESS", - "value": "${var.REGISTRY_CONTRACT_ADDRESS}" + "value": "${data.terraform_remote_state.l1_contracts.outputs.registry_contract_address}" }, { "name": "API_KEY", diff --git a/yarn-project/aztec-node/terraform/variables.tf b/yarn-project/aztec-node/terraform/variables.tf index d80ae23529d..dfb71bfbd2d 100644 --- a/yarn-project/aztec-node/terraform/variables.tf +++ b/yarn-project/aztec-node/terraform/variables.tf @@ -31,15 +31,18 @@ variable "SEQ_2_PUBLISHER_PRIVATE_KEY" { } variable "CHAIN_ID" { - type = string + type = string + default = 31337 } variable "BOOTNODE_1_LISTEN_PORT" { - type = string + type = string + default = 40500 } variable "BOOTNODE_2_LISTEN_PORT" { - type = string + type = string + default = 40501 } variable "BOOTNODE_1_PEER_ID" { @@ -51,11 +54,13 @@ variable "BOOTNODE_2_PEER_ID" { } variable "NODE_1_TCP_PORT" { - type = string + type = string + default = 40400 } variable "NODE_2_TCP_PORT" { - type = string + type = string + default = 40401 } variable "NODE_1_PRIVATE_KEY" { @@ -66,22 +71,26 @@ variable "NODE_2_PRIVATE_KEY" { type = string } -variable "ECR_URL" { +variable "DOCKERHUB_ACCOUNT" { type = string } variable "SEQ_MAX_TX_PER_BLOCK" { - type = string + type = string + default = 64 } variable "SEQ_MIN_TX_PER_BLOCK" { - type = string + type = string + default = 32 } variable "P2P_MIN_PEERS" { - type = string + type = string + default = 50 } variable "P2P_MAX_PEERS" { - type = string + type = string + default = 100 } diff --git a/yarn-project/ethereum/src/testnet.ts b/yarn-project/ethereum/src/testnet.ts index b260356df75..c81e56d95cb 100644 --- a/yarn-project/ethereum/src/testnet.ts +++ b/yarn-project/ethereum/src/testnet.ts @@ -2,6 +2,8 @@ import { Chain } from 'viem'; import { EthereumChain } from './ethereum_chain.js'; +const {DEPLOY_TAG='aztec-dev'} = process.env; + export const createTestnetChain = (apiKey: string) => { const chain: Chain = { id: 677868, @@ -14,10 +16,10 @@ export const createTestnetChain = (apiKey: string) => { }, rpcUrls: { default: { - http: [`https://aztec-connect-testnet-eth-host.aztec.network:8545/${apiKey}`], + http: [`https://${DEPLOY_TAG}-mainnet-fork.aztec.network:8545/${apiKey}`], }, public: { - http: [`https://aztec-connect-testnet-eth-host.aztec.network:8545/${apiKey}`], + http: [`https://${DEPLOY_TAG}-mainnet-fork.aztec.network:8545/${apiKey}`], }, }, }; diff --git a/yarn-project/p2p-bootstrap/terraform/main.tf b/yarn-project/p2p-bootstrap/terraform/main.tf index a5b2f88ffb4..283204dd19c 100644 --- a/yarn-project/p2p-bootstrap/terraform/main.tf +++ b/yarn-project/p2p-bootstrap/terraform/main.tf @@ -1,6 +1,6 @@ # Terraform to setup a prototype network of Aztec Boot Nodes in AWS # It sets up 2 boot nodes with different ports/keys etc. -# Some duplication across the 2 defined services, could possibly +# Some duplication across the 2 defined services, could possibly # be refactored to use modules as and when we build out infrastructure for real terraform { @@ -97,7 +97,7 @@ resource "aws_ecs_task_definition" "aztec-bootstrap-1" { [ { "name": "${var.DEPLOY_TAG}-aztec-bootstrap-1", - "image": "${var.ECR_URL}/p2p-bootstrap:aztec3-packages-prod", + "image": "${var.DOCKERHUB_ACCOUNT}/p2p-bootstrap:${var.DEPLOY_TAG}", "essential": true, "command": ["start"], "memoryReservation": 3776, @@ -281,7 +281,7 @@ resource "aws_ecs_task_definition" "aztec-bootstrap-2" { [ { "name": "${var.DEPLOY_TAG}-aztec-bootstrap-2", - "image": "${var.ECR_URL}/p2p-bootstrap:aztec3-packages-prod", + "image": "${var.DOCKERHUB_ACCOUNT}/p2p-bootstrap:${var.DEPLOY_TAG}", "essential": true, "command": ["start"], "memoryReservation": 3776, diff --git a/yarn-project/p2p-bootstrap/terraform/variables.tf b/yarn-project/p2p-bootstrap/terraform/variables.tf index aafaf04abe0..46980ca69f6 100644 --- a/yarn-project/p2p-bootstrap/terraform/variables.tf +++ b/yarn-project/p2p-bootstrap/terraform/variables.tf @@ -3,7 +3,8 @@ variable "DEPLOY_TAG" { } variable "BOOTNODE_1_LISTEN_PORT" { - type = string + type = string + default = 40500 } variable "BOOTNODE_1_PRIVATE_KEY" { @@ -11,7 +12,8 @@ variable "BOOTNODE_1_PRIVATE_KEY" { } variable "BOOTNODE_2_LISTEN_PORT" { - type = string + type = string + default = 40501 } variable "BOOTNODE_2_PRIVATE_KEY" { @@ -23,9 +25,11 @@ variable "ECR_URL" { } variable "P2P_MIN_PEERS" { - type = string + type = string + default = 50 } variable "P2P_MAX_PEERS" { - type = string + type = string + default = 100 } From ae3c3370aefb776d41e27d2e77abe55032d6b2d1 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 29 Nov 2023 15:25:16 +0000 Subject: [PATCH 02/14] # of nodes variable --- yarn-project/aztec-node/terraform/main.tf | 419 ++++-------------- .../aztec-node/terraform/variables.tf | 18 +- 2 files changed, 82 insertions(+), 355 deletions(-) diff --git a/yarn-project/aztec-node/terraform/main.tf b/yarn-project/aztec-node/terraform/main.tf index cc6e295cc78..5e3a9184833 100644 --- a/yarn-project/aztec-node/terraform/main.tf +++ b/yarn-project/aztec-node/terraform/main.tf @@ -58,13 +58,43 @@ data "terraform_remote_state" "l1_contracts" { } } -resource "aws_cloudwatch_log_group" "aztec-node-log-group-1" { - name = "/fargate/service/${var.DEPLOY_TAG}/aztec-node-1" +# Compute list & map variables +variable "publisher_private_keys" { + description = "List of publisher private keys" + type = list(string) + default = [var.SEQ_1_PUBLISHER_PRIVATE_KEY, var.SEQ_2_PUBLISHER_PRIVATE_KEY] +} + + +variable "bootnode_ids" { + description = "List of bootnode numbers to their peer IDs" + type = list(string) + default = [var.BOOTNODE_1_PEER_ID, var.BOOTNODE_2_PEER_ID] +} + +variable "node_p2p_private_keys" { + description = "List of node p2p peer ID private keys" + type = list(string) + default = [var.NODE_1_PRIVATE_KEY, var.NODE_2_PRIVATE_KEY] +} + +locals { + node_count = length(var.publisher_private_keys) + bootnodes = [for i in range(0, local.node_count) : + "/dns4/${var.DEPLOY_TAG}-aztec-bootstrap-${i + 1}.local/tcp/${var.BOOTNODE_LISTEN_PORT + i}/p2p/${bootnode_ids[i]}" + ] + combined_bootnodes = join(",", local.bootnodes) +} + +resource "aws_cloudwatch_log_group" "aztec-node-log-group" { + count = local.node_count + name = "/fargate/service/${var.DEPLOY_TAG}/aztec-node-${count.index + 1}" retention_in_days = 14 } -resource "aws_service_discovery_service" "aztec-node-1" { - name = "${var.DEPLOY_TAG}-aztec-node-1" +resource "aws_service_discovery_service" "aztec-node" { + count = local.node_count + name = "${var.DEPLOY_TAG}-aztec-node-${count.index + 1}" health_check_custom_config { failure_threshold = 1 @@ -93,20 +123,21 @@ resource "aws_service_discovery_service" "aztec-node-1" { } } -# Define task definition and service. -resource "aws_ecs_task_definition" "aztec-node-1" { - family = "${var.DEPLOY_TAG}-aztec-node-1" +# Define task definitions for each node. +resource "aws_ecs_task_definition" "aztec-node" { + # for_each = var.node_keys + count = local.node_count + family = "${var.DEPLOY_TAG}-aztec-node-${count.index + 1}" requires_compatibilities = ["FARGATE"] network_mode = "awsvpc" cpu = "2048" memory = "4096" execution_role_arn = data.terraform_remote_state.setup_iac.outputs.ecs_task_execution_role_arn task_role_arn = data.terraform_remote_state.aztec2_iac.outputs.cloudwatch_logging_ecs_role_arn - - container_definitions = < Date: Wed, 29 Nov 2023 15:42:22 +0000 Subject: [PATCH 03/14] faucet updates --- .circleci/config.yml | 1 + yarn-project/aztec-faucet/terraform/main.tf | 14 +++++++------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index b3387647133..39beee298a8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -981,6 +981,7 @@ jobs: name: "Deploy devnet to AWS" command: | should_deploy || exit 0 + export TF_VAR_FAUCET_PRIVATE_KEY=$FAUCET_PRIVATE_KEY deploy p2p-bootstrap deploy aztec-node deploy aztec-faucet diff --git a/yarn-project/aztec-faucet/terraform/main.tf b/yarn-project/aztec-faucet/terraform/main.tf index a21e72a5ea0..bfbb82a982b 100644 --- a/yarn-project/aztec-faucet/terraform/main.tf +++ b/yarn-project/aztec-faucet/terraform/main.tf @@ -41,7 +41,7 @@ resource "aws_cloudwatch_log_group" "aztec-faucet" { } resource "aws_service_discovery_service" "aztec-faucet" { - name = "${var.DEPLOY_TAG}-aztec-faucet" + name = "${var.DEPLOY_TAG}-faucet" health_check_custom_config { failure_threshold = 1 @@ -72,7 +72,7 @@ resource "aws_service_discovery_service" "aztec-faucet" { # Define task definition and service. resource "aws_ecs_task_definition" "aztec-faucet" { - family = "${var.DEPLOY_TAG}-aztec-faucet" + family = "${var.DEPLOY_TAG}-faucet" requires_compatibilities = ["FARGATE"] network_mode = "awsvpc" cpu = "2048" @@ -83,7 +83,7 @@ resource "aws_ecs_task_definition" "aztec-faucet" { container_definitions = < Date: Wed, 29 Nov 2023 15:43:42 +0000 Subject: [PATCH 04/14] run deploy-devnet job --- .circleci/config.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 39beee298a8..e8b04b99cd9 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1211,4 +1211,8 @@ workflows: requires: - deploy-mainnet-fork <<: *defaults_deploy + - deploy-devnet: + requires: + - deploy-contracts + <<: *defaults_deploy From 90d5ab81ddd004bdc15440dca04c85293a00a834 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 29 Nov 2023 15:47:23 +0000 Subject: [PATCH 05/14] missing variable --- yarn-project/p2p-bootstrap/terraform/variables.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/yarn-project/p2p-bootstrap/terraform/variables.tf b/yarn-project/p2p-bootstrap/terraform/variables.tf index 46980ca69f6..de631bcb51b 100644 --- a/yarn-project/p2p-bootstrap/terraform/variables.tf +++ b/yarn-project/p2p-bootstrap/terraform/variables.tf @@ -33,3 +33,7 @@ variable "P2P_MAX_PEERS" { type = string default = 100 } + +variable "DOCKERHUB_ACCOUNT" { + type = string +} From 7b27613d08ccf5578ee15c75f7c842a0eda11976 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 29 Nov 2023 16:00:02 +0000 Subject: [PATCH 06/14] Fixes --- yarn-project/ethereum/src/testnet.ts | 2 +- yarn-project/p2p-bootstrap/terraform/variables.tf | 4 ---- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/yarn-project/ethereum/src/testnet.ts b/yarn-project/ethereum/src/testnet.ts index c81e56d95cb..3893d618db2 100644 --- a/yarn-project/ethereum/src/testnet.ts +++ b/yarn-project/ethereum/src/testnet.ts @@ -2,7 +2,7 @@ import { Chain } from 'viem'; import { EthereumChain } from './ethereum_chain.js'; -const {DEPLOY_TAG='aztec-dev'} = process.env; +const { DEPLOY_TAG='aztec-dev' } = process.env export const createTestnetChain = (apiKey: string) => { const chain: Chain = { diff --git a/yarn-project/p2p-bootstrap/terraform/variables.tf b/yarn-project/p2p-bootstrap/terraform/variables.tf index de631bcb51b..4dd393becb3 100644 --- a/yarn-project/p2p-bootstrap/terraform/variables.tf +++ b/yarn-project/p2p-bootstrap/terraform/variables.tf @@ -20,10 +20,6 @@ variable "BOOTNODE_2_PRIVATE_KEY" { type = string } -variable "ECR_URL" { - type = string -} - variable "P2P_MIN_PEERS" { type = string default = 50 From 6a92e0f5ef61bda5accb499fd3f4cba4aee82c83 Mon Sep 17 00:00:00 2001 From: spypsy Date: Thu, 30 Nov 2023 12:48:07 +0000 Subject: [PATCH 07/14] Node index fixes from PR Co-authored-by: PhilWindle <60546371+PhilWindle@users.noreply.github.com> --- yarn-project/aztec-node/terraform/main.tf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/yarn-project/aztec-node/terraform/main.tf b/yarn-project/aztec-node/terraform/main.tf index 5e3a9184833..d5c1628e223 100644 --- a/yarn-project/aztec-node/terraform/main.tf +++ b/yarn-project/aztec-node/terraform/main.tf @@ -216,7 +216,7 @@ resource "aws_ecs_task_definition" "aztec-node" { }, { "name": "API_PREFIX", - "value": "/${var.DEPLOY_TAG}/aztec-node-1" + "value": "/${var.DEPLOY_TAG}/aztec-node-${count.index + 1}" }, { "name": "P2P_TCP_LISTEN_PORT", @@ -262,7 +262,7 @@ resource "aws_ecs_task_definition" "aztec-node" { "logConfiguration": { "logDriver": "awslogs", "options": { - "awslogs-group": "/fargate/service/${var.DEPLOY_TAG}/aztec-node-1", + "awslogs-group": "/fargate/service/${var.DEPLOY_TAG}/aztec-node-${count.index + 1}", "awslogs-region": "eu-west-2", "awslogs-stream-prefix": "ecs" } @@ -356,7 +356,7 @@ resource "aws_lb_listener_rule" "api" { resource "aws_lb_target_group" "aztec-node-target-group" { count = local.node_count - name = "${var.DEPLOY_TAG}-node-1-p2p-target" + name = "${var.DEPLOY_TAG}-node-${count.index + 1}-p2p-target" port = var.NODE_TCP_PORT + count.index protocol = "TCP" target_type = "ip" @@ -385,13 +385,13 @@ resource "aws_security_group_rule" "allow-node-tcp" { ## NLB listeners can't have a 'weight' property defined. You will see there isn't one here but that doesn't ## stop it trying to automatically specify one and giving an error -# resource "aws_lb_listener" "aztec-node-1-tcp-listener" { +# resource "aws_lb_listener" "aztec-node-${count.index + 1}-tcp-listener" { # load_balancer_arn = data.terraform_remote_state.aztec-network_iac.outputs.nlb_arn -# port = "${var.NODE_1_TCP_PORT}" +# port = var.NODE_TCP_PORT + count.index # protocol = "TCP" # tags = { -# name = "aztec-node-1-tcp-listener" +# name = "aztec-node-${count.index}-tcp-listener" # } # default_action { @@ -399,7 +399,7 @@ resource "aws_security_group_rule" "allow-node-tcp" { # forward { # target_group { -# arn = aws_lb_target_group.aztec-bootstrap-1-target-group.arn +# arn = aws_lb_target_group.aztec-bootstrap-${count.index}-target-group.arn # } # } # } From d86e9b61bc70b35e8c007803595171f53f289e9a Mon Sep 17 00:00:00 2001 From: spypsy Date: Thu, 30 Nov 2023 12:48:41 +0000 Subject: [PATCH 08/14] formatting --- yarn-project/ethereum/src/testnet.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/yarn-project/ethereum/src/testnet.ts b/yarn-project/ethereum/src/testnet.ts index 3893d618db2..4c3694f9361 100644 --- a/yarn-project/ethereum/src/testnet.ts +++ b/yarn-project/ethereum/src/testnet.ts @@ -2,7 +2,7 @@ import { Chain } from 'viem'; import { EthereumChain } from './ethereum_chain.js'; -const { DEPLOY_TAG='aztec-dev' } = process.env +const { DEPLOY_TAG = 'aztec-dev' } = process.env; export const createTestnetChain = (apiKey: string) => { const chain: Chain = { From 4d020dd3242057062e89df67160cd3d99693695e Mon Sep 17 00:00:00 2001 From: PhilWindle Date: Thu, 30 Nov 2023 14:08:15 +0000 Subject: [PATCH 09/14] Added missing files --- yarn-project/aztec-node/terraform/main.tf | 2 +- .../terraform/servicediscovery-drain.sh | 20 +++++++++++++++++++ yarn-project/p2p-bootstrap/terraform/main.tf | 4 ++-- .../terraform/servicediscovery-drain.sh | 20 +++++++++++++++++++ 4 files changed, 43 insertions(+), 3 deletions(-) create mode 100755 yarn-project/aztec-node/terraform/servicediscovery-drain.sh create mode 100755 yarn-project/p2p-bootstrap/terraform/servicediscovery-drain.sh diff --git a/yarn-project/aztec-node/terraform/main.tf b/yarn-project/aztec-node/terraform/main.tf index d5c1628e223..16e31e32972 100644 --- a/yarn-project/aztec-node/terraform/main.tf +++ b/yarn-project/aztec-node/terraform/main.tf @@ -119,7 +119,7 @@ resource "aws_service_discovery_service" "aztec-node" { # Terraform just fails if this resource changes and you have registered instances. provisioner "local-exec" { when = destroy - command = "${path.module}/../servicediscovery-drain.sh ${self.id}" + command = "${path.module}/servicediscovery-drain.sh ${self.id}" } } diff --git a/yarn-project/aztec-node/terraform/servicediscovery-drain.sh b/yarn-project/aztec-node/terraform/servicediscovery-drain.sh new file mode 100755 index 00000000000..1fa02e92d91 --- /dev/null +++ b/yarn-project/aztec-node/terraform/servicediscovery-drain.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +[ $# -ne 1 ] && echo "Usage: $0 " && exit 1 + +serviceId="--service-id=$1" + +echo "Draining servicediscovery instances from $1 ..." +ids="$(aws servicediscovery list-instances $serviceId --query 'Instances[].Id' --output text | tr '\t' ' ')" + +found= +for id in $ids; do + if [ -n "$id" ]; then + echo "Deregistering $1 / $id ..." + aws servicediscovery deregister-instance $serviceId --instance-id "$id" + found=1 + fi +done + +# Yes, I'm being lazy here... +[ -n "$found" ] && sleep 5 || true \ No newline at end of file diff --git a/yarn-project/p2p-bootstrap/terraform/main.tf b/yarn-project/p2p-bootstrap/terraform/main.tf index 283204dd19c..cf44601e5f8 100644 --- a/yarn-project/p2p-bootstrap/terraform/main.tf +++ b/yarn-project/p2p-bootstrap/terraform/main.tf @@ -80,7 +80,7 @@ resource "aws_service_discovery_service" "aztec-bootstrap-1" { # Terraform just fails if this resource changes and you have registered instances. provisioner "local-exec" { when = destroy - command = "${path.module}/../servicediscovery-drain.sh ${self.id}" + command = "${path.module}/servicediscovery-drain.sh ${self.id}" } } @@ -264,7 +264,7 @@ resource "aws_service_discovery_service" "aztec-bootstrap-2" { # Terraform just fails if this resource changes and you have registered instances. provisioner "local-exec" { when = destroy - command = "${path.module}/../servicediscovery-drain.sh ${self.id}" + command = "${path.module}/servicediscovery-drain.sh ${self.id}" } } diff --git a/yarn-project/p2p-bootstrap/terraform/servicediscovery-drain.sh b/yarn-project/p2p-bootstrap/terraform/servicediscovery-drain.sh new file mode 100755 index 00000000000..1fa02e92d91 --- /dev/null +++ b/yarn-project/p2p-bootstrap/terraform/servicediscovery-drain.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +[ $# -ne 1 ] && echo "Usage: $0 " && exit 1 + +serviceId="--service-id=$1" + +echo "Draining servicediscovery instances from $1 ..." +ids="$(aws servicediscovery list-instances $serviceId --query 'Instances[].Id' --output text | tr '\t' ' ')" + +found= +for id in $ids; do + if [ -n "$id" ]; then + echo "Deregistering $1 / $id ..." + aws servicediscovery deregister-instance $serviceId --instance-id "$id" + found=1 + fi +done + +# Yes, I'm being lazy here... +[ -n "$found" ] && sleep 5 || true \ No newline at end of file From e833c06c57768e5c544ef312bcb42b2f66ba95a6 Mon Sep 17 00:00:00 2001 From: PhilWindle Date: Thu, 30 Nov 2023 14:33:39 +0000 Subject: [PATCH 10/14] Minor change to fees yellow paper --- yellow-paper/docs/gas-and-fees/gas-and-fees.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/yellow-paper/docs/gas-and-fees/gas-and-fees.md b/yellow-paper/docs/gas-and-fees/gas-and-fees.md index 6c70c3a5d82..f4d63b6b4bf 100644 --- a/yellow-paper/docs/gas-and-fees/gas-and-fees.md +++ b/yellow-paper/docs/gas-and-fees/gas-and-fees.md @@ -156,14 +156,15 @@ This would appear to introduce a circular dependency whereby an appropriate fee - **l1FeeDistributionGas** - The amount of L1 gas the transaction is willing to pay for execution of the fee distribution function - **l2FeeDistributionGas** - The amount of L1 gas the transaction is willing to pay for execution of the fee distribution function -Initially, the values of transaction gas limits can be set to a very high number, the base gas limits set to values corresponding to the user's chosen amortization level and the fees aet to 0. The transaction can be simulated under these conditions and simulation will provide actual gas consumption figures. Simulation can then be repeated with more realistic values of gas limits and the updated gas consumption figures will be reported. A few iterations of this process will enable the user to establish and prepare an appropriate fee. -Simulation of the transaction will provide feedback as to it's gas consumption, this can be repeated to converge on the optimum fee to be prepared. The private portion of the transaction will be proven via the private kernel circuit resulting in a number of fee related public inputs: +Simulation of the transaction will provide feedback as to it's gas consumption, this can be repeated to converge on the optimum values of fee and gas limits for the transaction. The private portion of the transaction will be proven via the private kernel circuit resulting in a number of fee related public inputs: - **feeCommitments** - New commitments generated as part of fee preparation - **feeNullifiers** - New nullifiers generated as part of fee preparation - **feePreparation** - A single public function call to be made as part of fee preparation - **feeDistribution** - A single public function call to be made as part of fee distribution +- **feeEncryptedLogsHash** - The hash of encrypted logs generated by the fee payment +- **feeUnencryptedLogsHash** - The hash of unencrypted logs generated by the fee payment - **feePerL1Gas** - The fee provided per unit of L1 gas - **feePerL2Gas** - The fee provided per unit of L2 gas - **l1BaseGasLimit** - The upper bound of L1 amortized gas the transaction is willing to pay for From 78358ed7df2a312836addcd592ecabeaa0f9c338 Mon Sep 17 00:00:00 2001 From: PhilWindle Date: Mon, 4 Dec 2023 16:54:45 +0000 Subject: [PATCH 11/14] Try fix --- l1-contracts/scripts/ci_deploy_contracts.sh | 2 +- l1-contracts/scripts/deploy_contracts.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/l1-contracts/scripts/ci_deploy_contracts.sh b/l1-contracts/scripts/ci_deploy_contracts.sh index 80cbf28173a..eda901fd9c7 100644 --- a/l1-contracts/scripts/ci_deploy_contracts.sh +++ b/l1-contracts/scripts/ci_deploy_contracts.sh @@ -35,4 +35,4 @@ done deploy_terraform l1-contracts ./terraform # Tag the image as deployed. -retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed +retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed \ No newline at end of file diff --git a/l1-contracts/scripts/deploy_contracts.sh b/l1-contracts/scripts/deploy_contracts.sh index 6223a0719a9..66f8e4524b0 100644 --- a/l1-contracts/scripts/deploy_contracts.sh +++ b/l1-contracts/scripts/deploy_contracts.sh @@ -51,4 +51,4 @@ jq -n \ cat serve/contract_addresses.json -echo "Contract addresses have been written to serve/contract_addresses.json" +echo "Contract addresses have been written to serve/contract_addresses.json" \ No newline at end of file From 5e5d61275b4d64151b9aadf80ca449894a2eb1d0 Mon Sep 17 00:00:00 2001 From: PhilWindle Date: Mon, 4 Dec 2023 16:57:34 +0000 Subject: [PATCH 12/14] Revert --- l1-contracts/scripts/ci_deploy_contracts.sh | 2 +- l1-contracts/scripts/deploy_contracts.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/l1-contracts/scripts/ci_deploy_contracts.sh b/l1-contracts/scripts/ci_deploy_contracts.sh index eda901fd9c7..80cbf28173a 100644 --- a/l1-contracts/scripts/ci_deploy_contracts.sh +++ b/l1-contracts/scripts/ci_deploy_contracts.sh @@ -35,4 +35,4 @@ done deploy_terraform l1-contracts ./terraform # Tag the image as deployed. -retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed \ No newline at end of file +retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed diff --git a/l1-contracts/scripts/deploy_contracts.sh b/l1-contracts/scripts/deploy_contracts.sh index 66f8e4524b0..6223a0719a9 100644 --- a/l1-contracts/scripts/deploy_contracts.sh +++ b/l1-contracts/scripts/deploy_contracts.sh @@ -51,4 +51,4 @@ jq -n \ cat serve/contract_addresses.json -echo "Contract addresses have been written to serve/contract_addresses.json" \ No newline at end of file +echo "Contract addresses have been written to serve/contract_addresses.json" From b1038d0ea5ed4f076f012223ea0eda4ce2d35958 Mon Sep 17 00:00:00 2001 From: PhilWindle Date: Mon, 4 Dec 2023 17:05:31 +0000 Subject: [PATCH 13/14] Permission change --- l1-contracts/scripts/ci_deploy_contracts.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 l1-contracts/scripts/ci_deploy_contracts.sh diff --git a/l1-contracts/scripts/ci_deploy_contracts.sh b/l1-contracts/scripts/ci_deploy_contracts.sh old mode 100644 new mode 100755 From 4c3d1ed503fbb0ff006c5c28865cb5796a9c874b Mon Sep 17 00:00:00 2001 From: PhilWindle Date: Mon, 4 Dec 2023 17:05:58 +0000 Subject: [PATCH 14/14] Permission change --- l1-contracts/scripts/deploy_contracts.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 l1-contracts/scripts/deploy_contracts.sh diff --git a/l1-contracts/scripts/deploy_contracts.sh b/l1-contracts/scripts/deploy_contracts.sh old mode 100644 new mode 100755